m 
o 

I. 

•a 

o 



CO 

r— I 



T— ( 



CO 



3 



in 

CO 



Q 
O 

W 

W 
01 
M 

SB 

ru 
ru 
si 
o 



O 
"3" 



SP 

tfi 

CO 

s 

o 

*^ 

N3 



1 



o 

8 
o 

PL. 

§ 
1 



o 



o5 

i 

i 



o 

■3 



cd 



o 

■■a 

o 

id 



1 

5 



CO 



5! 



Q 

Ci 
u 
j= 

W 

ru 
w 

M 

a 



• 1—1 



o 
in 

S3 



O 
IT) 

00 



CO 

o ^ 

> & 

to S-^ 



(D 

CO 



o 

in 



I 



o 

CO 

CO* 

3 



oo 
m 

T 1 

Oh 



in 



©Figure 6 







r 


601 


Place Node In 
Authentication Table 






r 


603 -v. 


Receive Message With 
Identifier/Username 






r 



p 



605 



is; 



Authentic 
Mechanism 
^porteclJ- 

Yes 



609 



611 



613 



Send Acknowledgement: 
Support For Security 




r 


Perform Public 
Information Exchange For 
Key Generation 


i 


r 


Perform Verification 
Information Exchange 







No 



615 



Store Security 
Information 



607 



Send Negative 
Acknowledgement : 
Authentication 
Mechanism Not 
Supported 




M End 



^ 5 



m 



Algorithm 
Information 707 


3DES, MD5 








on 705 


j39210 


















Inform 


oo" 

G\ 

$ 








Key 


m 








SPI 701 


2378349 






i 


Class Of 
Traffic 715 


Class36 






: 


tion Address 
713 


ID135 




: 


: 




Q 








Desl 






























Source Address 


SID13 









no 

CO 

I 



i 

O 
CD 
CO 



oo 4 

f-i 



2 

o 

CO 



■a 

o 

Oh 

CN 
i 

u 

ft 



m 

r-H 

CO 



ft 

o 

ft 

o 
o 

o ^ 
-m cd 

g Q 

| g CO 

< "3 



00 



ft 



UO 
OO 



ON 
O 
CO 

tj 
Q 

-a 

o 
ft 



On 

CO 

<D 

& 

o 

CO 



o 

ft 



g O ffi CO 



co S si o 
ft co g oo 



ft O 

CO CO 



CM 
OO 
<D 

s 

CO 

o 

1 

I 



8 

CO 



Figure 9 



( Start j 



901 





r 


Identify Frame 







903 



Fram^Mat&iesOne 
The Selectors^ 
The Security 
^Association^ 



907 



Add Security Header 
With Parameters Derived 
From The Selected 
Security Association 



909 



No 



Normalize Data 



911 



Pad Payload 



913 



915 



917 



Encrypt Using Key And 
Algorithm Information 



Compute Authentication 
Data 



Send Frame 




Figure 



1001 



( Start J 





r 


Receive Frame 




r 



1003 



Secured Frame? 



1005 



1007 



1009 



1011 



Yes 



Check SPI Against 
Security Database 



Compute Authentication 
Data 



Compare Authenticaton 
Data 



Decrypt Frame Using Key 
And Algorithm 
Information 



